asymmetric, i.e, the opposition side making areas ungovernable as opposed to governing them, then this thing will go, and this aid will perpetuate in the absence of any real political transition. thank you. >> okay. let's take another round of of questions and comments. go here first. yes, you, sir. >> richard lobin from the naval war college and sudan studies association. and i really appreciate the optimistic data that has been presented, the path to stability as is the title. but i think you're struggling to get the glass half full when, in fact, it really is at least more than half empty. and it seems like the main agenda should be management of crisis and conflict. i'm inclined to look at that when i see the map that says

unity state next to -- [inaudible] and it's the most contested, least unified place. when i look at the call for release of detainees and yet simultaneously the call for accountability. and those aren't easily reconciled. and i think that the discussion would be enhanced today when we would talk about david yahya, george author, the new railway maybe between babanoosa, the question of the whole neighborhood being in a pretty horrible condition. when a special envoy, scott gratin, and i were training the first cohort to go to juba, everyone was very optimistic. much like the panelists. a pathway forward, let's go ahead. and yet i said just slow down a little bit. you have to look at what's going to be the situation in south sudan after independence.

all the people are going to be the same people. the neighbors will be the same neighborhood. north sudan is not going to move to the north pole and south sudan move to some other place. it's going to still have neighbors with c.a.r. which is a complete and total wreck today. uganda's not exactly a model for democracy not to mention human rights. kenya who, the last time i was in juba, kenya was having its election which didn't turn out exactly perfectly. and khartoum is still in a complete wreck. ask that's the situation -- and that's the situation. so my comment is perhaps we need to recalibrate instead of pathway to stability and some hausian future, but we need to make an agenda which is far more realistic, management of crisis and conflict. because that's what's going to be on the agenda. thank you. >> okay, thank you very much. please, right here.

>> my name is leslie warner, i'm a political military analyst focusing on africa at cna, and my question is with regard to the deployment to south sudan. of course, it came at the invitation of the goth of south sudan -- government of south sudan, but i'm particularly interested from a u.s. government standpoint, does the u.s. see a conflict of interest between uganda acting as a igad mediator and their concurrent role as a partisan combatant within the current conflict? and from across the panel, i'd be interested in perspectives on whether this should be pressure to try and get the pdf to restrict their mission in south sudan to focusing on civilian protection which, from a personal stand point, i think that could be a useful use of updf efforts in south sudan. thanks. >> okay. thank you. the gentleman in the blue sweater there. >> thank you. my name is henry from the center for international private

enterprise, one of the core institutes of the national endowment for democracy. it's a three-part question. where now exists specific opportunities for the citizens private sector as opposed to the large government private -- or government-owned economy? what are the opportunities for the citizens private sector in the transition process? what changes need to occur so that the voice of the citizens private sector is both representative and strong? and then somewhat building off the last two questions, timing. can the private sector dimension be included now, or are there reasons for it to be held off? >> okay, thank you. very relevant to some of the comments made by panelists. and then finally, advantagish this round on -- vanquish this round on the back side of the front row here. >> thank you so much. my name is --

[inaudible] and i work for the or nf project doing research on south sudan. my question -- [inaudible] on the reconciliation and justice process that is now one of the topics that is being discussed here, and my question would go directly to ambassador with donald booth. i want to know, like, to what -- [inaudible] the u.s. government engage in the process of reconciliation and justice and how, how are they working to make sure that this process is going to be inclusive of all, of all stakeholders in south sudan? thank you. >> okay. and let me turn it over to the panel. and let me slip in a question that i have. several of the panelists emphasized the division between elites and ordinary citizens as being a key tension and ongoing problem. i'd invite any of the panelists to talk about how does that get resolved here in the short term,

you know? how do you start to work towards that, resolving that issue? let's go in the same order. ambassador booth, please. >> met me take the last question -- let me take the last question first. the u.s. had been supporting numerous community peace-building and conflict resolution activities through implementing partners in south sudan. a lot of the conflicts that occurred in places along the border areas where there are migrations annually, these are areas where we had activities to try to keep the communities talking to each other and at peace. we were also supportive of national peace and iraq silluation -- reconciliation commissions efforts, that led by the archbishop. so we were involved prior to the this conflict in trying to help south sudanese address issues of

reconciliation and conflict avoidance. in terms of role of private enterprise, i think the private sector was one of many groups that we've indicated that we believe and have talked to igad mediators about believing that they should consult to get input into, again, how do you structure a comprehensive approach to this conflict, what are the issues that need to be addressed. i mean, i think one of the key things that should be of key interest to the private sector -- and i would hope that the south sudanese private sector would raids, raise the this -- would be the question of transparency. you've had a system where the economy has not been a paragon of transparency, and i think that that tends to constrict what the private sector is then able to do. in terms of the role of the updf

deployment, they were invited in by the government of south sudan. they initially went in to protect critical infrastructure in the area of juba. they helped facilitate by protecting that infrastructure the departure of foreign nationals, particularly ugandan nationals. and they then took an additional role and actually did begin to participate in the conflict fighting alongside the spla. the cessation of hostilities agreement is very clear that with the signing of that agreement, there should be a progressive withdrawal of all foreign forces, and that point has been made very explicitly to uganda by myself and others. it has been discussed and reinforced in the igad summit that was held on the 31st. the role that they're playing now is one of trying to maintain

a modicum of stability particularly in the area around juba, but it's also important that their forces do begin a progressive withdrawal from the country. in terms of the release of detainees not being compatible with accountability, i'm not quite sure i get that point. the detainees were arrested at the very by -- very beginning of this conflict, could not have been apartments in any of the -- participants, so i'm not quite sure about that point. be you're talking about accountability for perhaps past corruption, that's certainly an issue that would need to be addressed. but that's, i think, something down the road. the role of the detainees as senior members of the splm can play is to bring a diversity of voices into the discussion of

how the splm is going to reform itself and also how the governance discussions will go forward. you raised a litany of sort of the regional woes and, yes, it is a terribly troubled region. there are many, many crises active if not brewing below the surface in the region, but i think it's very important that the regional organization, igad, has really come together and trying to address in particular this crisis. and it has put a lot of its differences aside to do that. and uganda is not actually part of the mediation, so they're a member of i bad, but they do not -- igad, but they do not have a mediator there. it's ethiopia, kenya and sudan who have provided the three mediators to actually work with the south sudanese parties. and uganda has, i think

purposely, stayed away from the mediation talks itself. >> yeah. i agree with richard about in this, as ambassador said, about all these problems in the region. but the source of optimism is, is the past of south sudan. people have disagreed, people have fought, but they have always found ways to at least touch them upthey cannot resolve them entirely. -- if they cannot resolve them entirely. i think it's the patching up or the sweeping under the rug that we don't want to continue. that these problems are brought forward with honesty with an eye to having a more conciliatory future. the issue of political detain knees is, of course, a complex one. on the one hand, if you're charging them now with corruption, you can find another 11 people within the government

that you can charge for corruption. so the issue of accountability does not really connect with the request to release them. if you cannot charge them, you have to release them because that's what our law says, that's the law of south sudan and international law. you can't hold people indefinitely without charge. that should be the main focus rather than the more, the question of whether they were involved in a coup or not. the principle should be based on the legality of their detention without charge. and that would make, would actually get the government cooperating more. than the denial of a coup. the, on the issue of the private sector referring back to what jason was describing as the economy of the government and economy of the people, i think there is a place where they meet. because the private sector does

not have a long history of access to capital in south sudan. so it's still going to be the same government economy that is going to feed into private sector. the only problem is that how are you going to feed that? how are you going to get the private sector to have access to government economy? the way to do it is to think very carefully about how you use the revenue from natural resources, particularly oil. so far oil revenue has been used for current costs, for government. and that means the economy will remain entirely a government economy. and so the best way to go forward, i think, would be to find ways to invest majority of that oil money in capital projects. in agriculture, in electricity generation, in road building. which will employ up to 1.5 to 2 million south sudanese as opposed to the oil industry which employed only 8-10,000 people. so if you stop using oil money

for recurring costs and invest it in projects that will then employ a lot of people and those people will be taxpayers and the tax money will be now used to run the government, then that is how you feed in this private sector into it. because all these projects will be contracted to local businesses. and i think it will also solve the dilemma jason was talking about. how can you prevent, how can you take away money from all these civil servants? you will not be taking the money away, it will be another way of redistributing the money to larger population than just the 700,000 officials that are employed. you will be redistributing the oil money through employment of larger number of people in projects. thank you. >> thanks. i guess i would just like to offer that i don't think that having hope is a naive thing for

south sudan. i think that it's, in fact, vitally important to, you know, be able to see a vision for a way out and to recognize the lessons that the world has to offer and how, you know, cycles of violence can come to an end and what have been key common factors in the those situations. so i hope that's what we've been able to do here today, recognizing that south sudan, in fact, is still in a very serious state of crisis, that the fighting has not stopped yet. but it's not doomed to stay here. and, in fact, you know, there is every reason to believe that it can end this current conflict, it can end the division, that it can move to a more open and inclusive society and polity. i think it's imperative for us to focus on the conditions that will be conducive to that reality, and i think one of those is foreclosing the military option that both sides

must still feel as on the table since the cease fire, the cessation of hostilities has not stopped the fighting. and every day there are reports of more military activity coming from various parts of south sudan. i think in that regard having updf deployed in the country is teachly unhelpful to the -- deeply unhelpful to the situation. if the government needs assistance with security of key infrastructure and, you know, other assets, then surely there are more neutral sources for that assistance to be found from and ones that don't have the same conflicts of interest and poe or lahrizing effect -- polarizing effect that the ugandan military does among the south sudan population. i do believe that, in fact, having the updf withdraw would help to spur the conditions for peace and stability. i think that insuring that arms flows are stopped to south sudan, to all sides is another way, you know, of insuring that the military option, you know,

doesn't persist and that we can move on to the political dialogue that needs to take place. and i think that in that regard, joe, your question on how do we address the divide between the elites and the res of the country -- the rest of the country, clearly we've all emphasized civil society and nonstate voices and institutions, you know? at some level it will be up to the elites to determine if they're going to invite and genuinely welcome those voices and that participation or if it's going to be a harder struggle, a more challenging one, even perhaps one of personal peril for those voices to be raised and to be heard. we hope that it will be a collaborative process going forward, that this will be a wake-up call for all parts of south sudan not just those in government, but other political

leadership, community leadership, for everyone to recognize that there must be some changes here in terms of how deep, underlying issues that jok pointed out are confronted and addressed so that the country can move forward. >> thank you. just to say that we have focused on stability again and again and again, and that's actually the story of the interim period, the failure of elections, the failure of any democratic change in military that wasn't there. sorry. i don't think the issue is prioritizing stability and the wishful hope of, you know, of a new future. i think that the critical point here is we've neglected the transformation. we've focused on stability and neglected the transformation of the transformative aspects, especially during the cpa. things that change, land, the professional army, building a government, making a multi-party system. they were put aside when it came to stability fen and again. so i think that's kind of a recognition that what you have

to look at is something different. how do you change so that it doesn't come back. and, again, back to this point that the transition is not a 20-year plan, it's really focusing on those conditions in which these events can be genuinely transformative and that, in many ways, is ability stability, freedom to speak, freedom to associate. that kind of stability allows people to engage inclusively, safely as communities, between each other and as a political system that is not militarized. good question on the economy. i think just adding to what jok said in terms of investing the revenue into, back into the development of the state, i think also understanding the land law, the discussion around land which should ideally secure and recognize customary rights in land not just those held by individuals, but those held by communities. and, therefore, if that structure is there and enforced,

then the partnership is not between the private investor from outside and the state over that resource giving them rights and access in that resource, it's between the communities and the investor, and the state is an enabler and benefits from taxes. so looking at the customary land regime in a way that promotes people/private partnerships, not state/public partnerships is a way to go. i'd also say there's a kind of regional importance to south sudan that hasn't been discussed, but it's an interesting conversation looking at the swamp, the floodplains. because they provide importantly in the region climate stability, carbon think, biodiversity, that this is a massive resource that needs to be protected, developed responsibly and is at risk of paying for the peace or the recovery or the development or the war that continues. so if there's an interest in the region of protecting this very important resource so it doesn't

get sold, developed, farmed, it needs to be what the regional, it needs to be responsibility internationally to say let's hold this. because it's not a great place where you want climate instability given the amount we spend on famines and things like that. thank you. >> okay, thank you very much to all the panelists. i'm afraid we've come to the end of our time here. i know there are a lot of other questions still out there. i'm sorry i wasn't able to get to everybody. but before we break, i to want you to thank my acss colleagues for all the work that went into hosting this event today. i appreciate all of your work. and i would like to, again, thank our panelists, first of all, for taking the time out of some very busy schedules and for giving us your thoughtful assessments about where things need to go.

this is d.c., it's a very fluid time period, and none of you sugar coated what was happening. but at the same time, you've helped us -- and it will be an ongoing conversation about where we need to get to if we're going to achieve stability which is a longer-term undertaking. and so i'd just ask you all to join me in thanking our panelists for really what was a wonderful session today. [applause] more those of you who weren't able to ask questions, you might be able to engage. i know ambassador booth needs to run off to another engagement, but, please, feel free to follow up after ward. thank you again. [inaudible conversations]

>> the house gavels in today at noon eastern for general speeches before it begins legislative business at two. on the agenda this week, a bill that would delay regulations put forward by consumer financial protection bureau, and members may also debate an increase in the national debt limit. the senate returns at 2 ian as member -- 2 eastern as members continue to work on a bill dealing with the cost of living increases in military retirement pay. the measure would repeal a one percentage point reduction in the annual cost of living adjustments for veterans under the age of 62 that was included in the budget agreement. the senate will hold a test vote on the legislation at 5:30. 60 votes needed to advance it. you can watch live coverage of the house on c-span and the senate here on c-span2. >> off the floor this week,

newly-sworn-in fed chair janet yellen is appearing to testify about monetary policy. we'll have live coverage tomorrow of her first hearing before the house financial services committee. it'll tart at 10 a.m. eastern, and you'll be able to watch it live on c-span3. >> i think it's all an evolutionary process. you grow into this role, and my sense is that you never get comfortable if you're always pushing for change and growth not just in yourself, but in the issues that you care about. you're never done. so there's never a point in time where you feel like, there, i am now here, and i can do in the same way all the time. it's always changing. >> first lady michelle obama, tonight at 9 eastern live on c-span and c-span3, also on c-span radio and c-span.org. >> i have often said that when i am traveling on amtrak, that i

run -- not walk -- to the quiet car. but what this, i believe and i know, will have, will provide for consumers -- and it already has on some airlines -- is more opportunity for a data-rich engagement. it will open up the market for more competitors to provide options, so it will be hopefully over the long term less expensive for those to engage. when you look at the international ecosystem when it comes to this, they -- i have been told by those in the business that 90% of the engagement is data only. so a very small part of it is conversation. and what is also great about this is it's up to the carriers, up to the airline whether to admit that type of conversation. >> fcc commissioner mignon clyburn tonight on "the communicators" at 8 eastern on c-span2. >> senior officials from the justice department, secret service and federal trade commission recently called on

congress to pass federal standards for data security breaches. they testified before the senate jewish -- judiciary committee about cyber crime and the recent breaches at target and nieman marcus. in this runs a little under an hour. >> i'd like to ask the witnesses to raise their right hands. do you swear that your testimony will be the truth, the whole truth and nothing but the truth? thank you. you may be seated. chairwoman ramirez, a commissioner of the federal trade commission since 2010, was appointed chairwoman of the ftc in march 2013. prior to in this, ms. ramirez was a partner in the office of quinn, emanuel, irkhart and sullivan llp in los angeles

where she focused her work on matters of intellectual property, antitrust and trademark issues. mr. noonan is the deputy special agent in charge for the secret service's criminal investigative division, cyber operations. he has over 20 years of federal government experience. throughout his career he has initiated and managed a number of high-profile fraud investigations. ms. raman is the acting assistant attorney general for the criminal division of the department of justice. she has worked in the criminal division since 2008 where she priestly served as -- previously served as chief of staff. formerly, she served as assistant united states attorney in the u.s. attorney's office for the ticket of maryland. district of maryland. thank you all for joining us. you each have five minutes for any opening remarks you'd like to to make. chairman ramirez, would you like to begin. oh, oh, i'm sorry.

excuse me, i'd like to recognize the ranking member who has something that he'd like to say. >> this won't take more than 45 seconds. i'm going to submit questions for an answer in writing, but also i wanted to point out two very significant things that i wanted to discuss. one is unrelated to this hearing, but chairwoman ramirez, i sent you a letter on an lp gas shortage in the midwest. i just want to call it to your attention. i haven't gotten an answer yet. if you could answer that, i'd appreciate it. and then related to this question for mr. noonen, i'll have a question on the fact that the morning washington times said that there was a belarus company involved in writing some of the software for the health care reform act, and the extent to which that could be indicative of somebody having is the to our -- having access to

our records over here in same vein that we've asked, you know, target to respond to it. thank you very much. >> i'm sorry i didn't want go right to you. -- i didn't go right to you. again, thank you all for joining us. chairman ramirez, would you like to bin. like to to begin. >> mr. chairman, ranking member brassily and members of the committee, thank you for the opportunity to appear before you to discuss the federal trade commission's data security enforcement program. i'm pleased to be testifying here this morning with my colleagues from the justice department and the secret service. we live in an increasingly connected world in which vast amounts of consumer data is collected. as recent breaches at target and other retailers remind us, this data is susceptible to compromise by those who seek to exploit security vulnerabilities. this takes place against the background of the threat of identity theft which has been

the ftc's top consumer complaint for the last 13 years. according to estimates of the bureau of justice statistics, in 2012 this crime affected a staggering 7% of all people in the u.s. age 16 and older. the commission is here today to reiterate its bipartisan and unanimous call for federal data security legislation. ..

under the apa and jurisdiction over nonprofits which have been the source of a large number of breaches. such provisions would create a strong, consistent standard and enable the ftc to protect consumers more effectively. using its existing authority, the ftc has devoted substantial resources to encourage companies to make data security a priority. the ftc has brought 50 civil actions against companies that we alleged put consumer data at risk. we have brought these cases under our authority to combat deceptive and unfair commercial practices as well as more targeted laws such as the gramm-leach-bliley act and if you're -- at the fair credit reporting act. in all these cases the touchstone of the commission's approach has been reasonableness. a companies date is a good measures must be reasonable in light of sensitive and polymath information it holds, the size

and complexity of its data operations and the cost of available tools to improve security and reduce vulnerabilities. the commission has made clear that it does not require perfect security, and the fact that a breach occurred this not mean that a company has violated the law. significantly, a number of ftc enforcement actions have involved large breaches of payment card information. for example, in 2008 the ftc settled allegations that security deficiencies of retailer t.j. maxx permitted hackers to obtain information about tens of millions of debit and credit cards. to resolve these allegations the retailer agreed to institute a comprehensive security program and to submit to a series of security audits. at the same time the justice department successfully prosecuted a hacker behind t.j. maxx and other breaches. as this case illustrates well, the ftc and criminal authority share complementary goals.

ftc actions help ensure on the front end of businesses do not put the customers of data at unnecessary risk, or criminal enforcers help assure that cyber criminals are caught and punished. this dual approach to data security leverages government resources and best serves the interests of consumers, and to that in the ftc, the justice department and the secret service have worked together to coordinate our data investigation. in addition to the commission's enforcement work, the ftc offers guidance to consumers and businesses. for those consumers affected by recent breaches, the ftc has posted information online about steps they should take to protect themselves. these materials are in addition to the large stable of other ftc resources we have for id theft victims including an id theft hotline. we also engage in policy initiatives on privacy and data security issues. for example, we breezily conducted workshops for mobile security and emerging forms of

id theft such as child id theft and senior id theft. in closing i want to thank the committee for holding this hearing and for the opportunity to provide the commission's views. data security is among the commission's highest priorities, and we look forward to working with congress on this critical issue. thank you. >> thank you. madam chairman. mr. noonan. >> good afternoon, mr. chairman and distinguished of the committee. thank you for the opportunity to testify on behalf of the department of homeland security regarding the ongoing trends of criminals exploiting cyberspace, to obtain sensitive financial and identity information as part of a complex criminal scheme to defraud our nation's payment systems. our modern financial systems depends heavily on information technology for convenience and efficiency. accordingly, criminals motivated by greed have adapted their methods and are increasingly

using cyberspace to exploit our nation's financial payment systems to engage in fraud and other illicit activities. the widely reported data breaches of target and neiman marcus are just recent examples of this trend. the secret service is investigating these recent data breaches and we are confident we will bring the criminals responsible to justice. however, data breaches like these recent events are part of a long trend. in 1984, congress recognized the risks posed by the increasing use of information technology and established 18 usc section 1029 and 1030 to the comprehensive crime control act. the statute defines access device fraud and misuse of computers as federal crimes and explicitly assigned the secret service authority to investigate these crimes. it's a part of the department of homeland security's mission to safeguard cyberspace. the secret service investigates cybercrime through the efforts of our highly trained special agents, and the work of a

growing network of 33 electronic crimes task forces which congress assigned the mission of preventing, detecting, investigating various forms of electronic crimes. as a result of our cybercrime investigations, over the past four years, secret service has arrested nearly 5000 cybercriminals. in total, these criminals were responsible for over $1 billion in fraud losses and we estimate our investigation is presented over $11 billion in fraud losses. data breaches like the recently reported occurrences are just one part of the complex criminal scheme executed by organized cybercrime. these criminal groups are using increasingly sophisticated technology to conduct criminal conspiracy consisting of five parts. one, gaining unauthorized access to computer systems carrying valuable protected information. two, deploy specialized malware to capture and excellent it is dated. three, disturbing or selling this sensitive data to the criminal associates.

four, engaging in sophisticated and distributed abroad using the sensitive information obtained, and five, laundering the proceeds of this illicit activity. all five of these activities are criminal violations in and of themselves. when conducted by sophisticated transnational networks of cybercriminals, this scheme is yielded hundreds of minutes of dollars in illicit proceeds. the secret service is committed to protecting our nation from this threat. we disrupt every step of the five part criminal scheme through a proactive criminal investigation and defeat these criminals through coordinated arrests and seizure of assets. foundational to these efforts are our private industry partners as was a close partnerships with state, local, federal and international law enforcement. as a result of these partnerships we were able to prevent many cyber crimes by sharon criminal intelligence regarding the plans of cybercriminals and minimizing financial losses by stopping the

criminal schemes. through our department national cybersecurity and communications integration center, nccic, the secret service also quickly shares technical cybersecurity affirmation while protecting civil rights and civil liberties in order to allow organizations to reduce their cyber risks by mitigatinmitigatin g technical vulnerabilities. we also partner with private sector and academia to research cyber threats and publish information on cybercrime, crime trends three porsche like the carnegie mellon insider threat study, the verizon data breach investigations report, and the trust with global securities report. the secret service has a long history of protecting the nation's financial system from threats. in 1865, the threat we were founded to address was that of counterfeit currency. as our financial payment system has evolved from paper to plastic, now digital information, so, too, has the investigainvestiga tive mission. the secret service is committed to protecting our nation's financial system even as

criminals exploited through cyberspace. through the dedicated efforts of electronic crimes task forces and by working in close partnership with the department of justice, in particular the criminal division, and local u.s. attorneys offices, the secret service will continue to bring cybercriminals that perpetrate major -- major data breaches to justice. thank you for the opportunity to testify on this important topic, and we look forward to your questions. >> thank you, mr. noonan. ms. raman. >> good afternoon, mr. chapman and members of the committee. thank you for the opportunity to appear before the committee today to discuss the department of justice's fight against cybercrime. cybercrime has increased medically over the last decade and our financial infrastructure has suffered repeated cyber intrusions. the recent reports about the massive data breaches at target which the justice department is investigating alongside the

secret service, have underscored that cybercrime is a real, present threat, and one that is growing. cybercriminals create botnets that system it was still the personal and financial information of americans. they carry out the stupid denial of service attacks on networks and they still sensitive corporate and military data. the justice department has vigorously responding to this threat to the work of the criminal division's computer crime and intellectual property section which partners with assistant u.s. attorneys offices across the country as part of a network of almost 300 justice department cybercrime prosecutors. in addition, the fbi has made combating cyber threats one of its top priorities, working through cyber task forces in its 56 field offices and continuing to strengthen the national cyber investigator joint task force. everyday our prosecutors and agents strive to hold to account cybercriminals so they can -- is all the tools of able to identify these criminals were ever in the world they are

located, break up the networks and bring them to justice. we are developing meaningful partnerships with foreign law enforcement and with industry to strengthen our collective capacity to fight to protect against cybercrime and we use our tools responsibly and consistent with the important long-established legal safeguards that protect against abuse. as just one example of our work in this area, just last week, ccips previous attorney's office in atlanta and the fbi announced a guilty pleasure of a russian citizen named alexander payne and who admitted developing and distributing sophisticated malware old spy i. the spy i malware created botnet art networks it's equally hacked computers by infecting victims computers enabling cybercriminals to remotely control the computers through command and control service. in that way the criminals were able to steal personal and financial information such as credit card information, banking credentials, usernames and

passwords. p.i.n. software included specially tailor-made versions of the malware to at least 154 of his criminal clients who in turn used it to affect investment 1.4 million computers around the world. he will be sentenced in april. that cases on the latest of our recent successes against cybercriminals. others include, for example, a 15 year sentence handed down in september to a romanian cybercriminals to let a multimillion dollar scheme to hack into u.s. merchants payment card data, and 88 month sentence handed down last april to a russian hacker to use online forums to sell stolen credit and debit card information to purchasers around the world. and the indictment last year of a china-based manufacturer of wind turbines which is alleged to have stolen trade secrets from an american company causing over $800 million in us. but without the tools that we been provided we would not be

able to bring such offenders to justice and we must ensure that the statute we enforce keep up with technology so that we can keep pace with the cybercriminals who are constantly developing new tactics and methods. the administration is proposing several statutory provisions to keep the federal criminal laws up-to-date. first, we recommend establishment of a strong uniform federal standard requiring certain types of businesses to report data breaches. businesses should be required to provide prompt notice to consumers in the wake of the breach and to notify federal government of breaches so the law enforcement can pursue and catch the perpetrators. our prosecutors also rely on sensitive criminal statutes to bring cybercriminals to justice. one of the most important of these is the computer fraud and abuse act, also known as the cf aaa. the administration proposed several revisions to the cf aaa in may 2011 and we continue to support changes like those to keep federal criminal law up to date. we also look forward to working with congress to addres addresse

cfaa's application to insiders such as bank employers or government employees to access computers in violation of their authorization and then steal or misuse the information contained in the computers. finally, we recommend several statutory amendments including a proposal to address the proliferation of botnets at your described at greater length in my written testimony. i very much appreciate the opportunity to discuss the justice department's efforts to protect american citizens by aggressively investigating and prosecuting hackers but we're committed to using the full range of investigative tools and laws available to us to fight these crimes and to do so vigorously and responsibly. thank you for the opportunity to discuss the departments work and a look forward to answering your questions. >> thank you all. i think we will go to senator klobuchar, since i'm sharing this, i'll be here to the end so i can ask my questions at the end. senator? >> okay, very good. thank you very much. thank you all for coming today.

i think we all know why we're all here with the breaches that we've seen, and we just heard about what the last panel at target, neiman marcus and michaels, hotel chains. on any other similar breaches that have occurred? do you see industries that are more targeted than others? and how do you think, ms. ramirez, how successful has your agency been in getting criminal hackers extradited from foreign countries and what challenges do you see when dealing with extradition issues? >> so let me start by answering your initial question. i can't speak about any particular companies or breaches that we can't disclose information relating to nonpublic investigations, but what i can do is that the ftc has been very active in this area, having just announced last week our 50th data security case. we believe that the ftc's action

has had an important and sent an important signa segment of the marketplace, but based on the information that we have available to us, which including the verizon data breach report which mr. noonan reference in his opening remarks, by those indications it's clear that companies need to do a lot more, that they continue to make very basic mistakes when it comes to data security. so this is an area where the federal trade commission unanimously believes there needs to be and rational action. and in particular, a strong federal law that imposes robust standards for data security and also for breach notification. >> so this is what we've been talking about earlier with the standards and taking this out with the chip and p.i.n. and those kinds of things, is that what you're talking a? >> at the ftc we don't advocate particular technologies. we rather take a process-based

approach in light of the fact that as a legitimate enterprise, are constantly changing and evolving. so we recommend a process-based approach to attacking this problem. >> okay. the extradition question, the reason i asked that is a think we already learned that a young russian already claimed to be a co-author of malware used in the attack with target, and i think we know there's no shortage of these crimes internationally. it's one the u.s. should be asking. >> i will defer that question to my colleagues on the criminal authorities who are dealing with those issues. >> okay. you point out one of our extraordinary challenges in cybercrime cases, and that is that some of the most notorious hackers are living across, halfway across the world. and sometimes in countries with which we don't have extradition relationships. and so that is the challenge that we have in a number of these cases. we try to be as creative as

again to ensure that we're able to catch the wrongdoers and we have had significant success. the case that i just mentioned in my opening statement is an example of a success, a russian hacker who had developed us by malware and he has pleaded guilty just last week. we've had numerous such successes. sometimes it just takes patience. >> okay. mr. noonan? >> the secret service has had a unique success in this field. we have been able to arrest and extradite a number of significant cybercriminals abroad with the help of the department of justice, the office of international affairs and state department. just to name a few. the dave & busters intrusions that happened in 2007. we were successful in arresting an individual. we arrested and extradited alexander supe.

in 2007 we were successful in extraditing sergei living into. there's a number of other successes we have had of high-value targets, high-value hackers that event attacking our financial infrastructure that with the assistance of international law enforcement and relationships we've been able to arrest those people and bring them to justice here domestically. >> one of the things we talked about earlier was the time between the companies confirming the breaches and then letting customers know how quickly they can find out what their policies are. and i assume, ms. ramirez, you want to do as soon as possible but one of the questions i want to know, having been in this law enforcement before is, there's also this thing we want to catch people an at i would think when they data breach is this big you come down on the side of letting the public know immediately. but how do you strike that

balance of putting information out there but and also trying to find the perpetrators and not tipping them off. anyone can answer. >> if i may start off the discussion on this point. balancing is exactly the right word. in our view a company should notify affected consume as recent as practical as possible. in other words, there should be enough time for the company to assess the relevant breach, examination of what took place, which customers were affected. but we think it's important that customers be notified recently probably. and we believe that the outside limit for that ought to be 60 days. at the same time i will also note that when the ftc is looking at these issues we do coordinate very closely with colleagues at the department of justice, security service, also at the fbi. and so if there's a need for there to be certain delays due

to the needs of these, investigations can we think that is also appropriate. >> okay. >> it's a coordinated effort actually between the secret service and our law enforcement and u.s. attorney's office as well. but it's very important for us in a timely manner to take what we know from an investigation as far as the cybersecurity pieces of that and then to get that answered out to greater infrastructure. we use the department, homeland security is indeed which is the national cybersecurity communications and integration center. -- nccic. we take information we learn from the malware and hacking tools and such. we share that with nccic who then does some reverse engineering and they're able to push that up to the greater infrastructure. we also partner for our electronic crimes task forces in which were able to take that same type of information about out to our trusted partners that are out in the community, out in

the infrastructure. as well as we also partner with various ice ax, specifically in the lead of financial services. we parted with the -- to get every out into to be able to assist them in finding and mitigating what other attacks may be happening to them. going back to your original question, we do believe that the administration's data breach notification proposal does allow the flexibility that would allow us to delay consumer notification install it commits if there is a law enforcement reason for the. there may be an undercover operation is necessary or other covert investigative steps that can be taken immediately after a breach and there may be certain circumstances where delayed notification is appropriate. but that being said we do believe that prompt notification to consumers is important and prompt notification to law enforcement is important. >> thank you very much. >> thank you, senator klobuchar. senator whitehouse.

>> thank you again, chairman. let me address myself briefly to the to law enforcement witnesses who we have here. the theft of intellectual property from american corporations purely across cyber networks by hacking into corporate networks and excavating their data has been described on multiple occasions as the greatest illicit transfer of wealth in history. has any indictment yet resulted from that conduct? foreign hackers purely through cybernetwork's hacking into an american corporations intellectual property and excellent trading it for competitive purposes. >> i will say, senator, that the

threat that you described is one that we are very aware of and we are focused on. last year -- >> has there been an indictment of anyone in such a case? >> last year in a similar case there was an indictment of some of the corporation and about five of its executives. that's a chinese corporation and five of its executives, for stealing proprietary information of an american company. >> how have they stolen it? was a to a cyber hug or did it in all human -- >> a combination but also an insider at the american company. but i think that kind of case where we are willing to invite a chinese company and chinese nationals, including the insider here, shows our resolve to get to the bottom of these issues. >> actually, the numbers involved show anything but resolve. and i hope that there will be more attention paid to this. but and i say this with full appreciation of how very, very challenging and difficult these

cases are. from a forensic point of view, from a locating, from an interface with intelligence and diplomatic relations point of view. from a security point of view. there's a whole array of reasons these are immensely difficult and complicated cases. but when we are on the losing end of what has been multiple occasions described as the greatest illicit transfer of wealth in history, i think one case that actually wasn't that, because it involved a human exchange as well, just isn't an adequate response. site urge you guys to improve your gang on that and if you're getting pushback from intelligence communities, from the state department, other people, push back harder. because i think an indictment has a clarifying effect. the other thing that has come up recently has been that chairwoman mikulski of the appropriations committee, who

was also the chairman in charge of your appropriations, the subcommittee level, has put into the omnibus spending bill that which is past the requirement that the department of justice provide a multi-year strategic plan for cyber within 120 days. that's not a long window. it is going to require the dj, the fbi, the secret service, probably folks within fema and homeland security, and certainly all indeed, without whom no budget related discussion is possible -- omb, to get together and start to figure out what we look like three, four, five years out, 10 years out in terms of the structure. we have the fbi deeply involved in this and we have the secret service deeply involved in this. we have two different sections of the department of justice separately involved in this, the

different programs that we enforce, a different strategies seem to be changing every six months or so, as i have pursued this. i think a lot of that businesses are in reflects a sensible and good adaptation to an emerging threat. but i think that we are a long way from having a clear sense of what our cyber law enforcement structure should look like. we are still, i think, evolved in, and it's been hard for me to find anyplace in which the thinking about what it should look like three, four, five years out is taking place. so could you give me a moment on what you're doing right now to respond to the 120 day requirement for a multiyear strategic plan? >> we are very aware, senator whitehouse, the 100 day

requirement and thankfully even before the requirement was put into place, we have been endeavoring for several months to go through the exercise of putting on paper a strategy for the justice department cyber program. that involve some the issues that you've already touched on, which is how we integrate all our various capabilities. i think that a way that the responsibilities are divided now, which is the criminal division, a national security division and the fbi, works well together. and the reason that we're able to work well together is that we communicate literally on a daily basis, sometimes on an hourly basis about how to respond to particular threats. but together i am certain that we will be able to comply with the 120-day requirement. we've been working on it and we'll continue to work to meet that deadline. >> good. i'm very glad that you work well together. i would hazard the thought of working well together and having the proper administrative structure are two different questions.

and i would offer as an example the challenge of trying to get the civil botnet takedown capability, but which the department has been listed on several occasions probably integrated into the criminal and the other national security and intelligence elements of this. i think it's a better, a bigger challenge than just having people work well together. >> i agree with you, senator. on the botnet capabilities that we used in the coreflood takedown, that was civil authority but the criminal division along with his attorney's office in connecticut used civil authorities and were able to do so because of the specific way that botnet with structure. but botnets are high on her list of priorities. we know that every botnet is different and we know that he had every botnet is an individual or individuals, and so we are focused both on getting those individuals and finding ways, creative ways to

dismantle botnets. >> good. my concern was that, it's my understanunderstanding that afte coreflood botnet takedown, the group, the kind of ad hoc group from different organizations, u.s. attorney's office in maine justice pentagon together to accomplish the coreflood.net more or less disintegrated back into their original positions, and that there isn't a robust and integrated ongoing administrative structure for integrating those botnet take desperate they seem to more episodic into grad people from other departments for that one event and then they've got a big award from the attorney general, which they merited. i was decided that happen, but then i think the structure of the wind, evaporator or disintegrated. so the structure question i think is one we can continue to work on. thank you. >> thank you, senator whitehouse, for your continued focus on cybersecurity. i have a question for either

mr. noonan or ms. raman. can you walk me through how a criminal could go about harvesting the data on the magnetic stripe card, and how they go about using it and selling that data once it's stolen? >> yes, sir. if we are talking about the intrusions that we are here to today to discuss, it's generally -- it's not one criminal we are talking a. we are talking but a sophisticated network of cybercriminals. i use the analogy sometimes, the movie ocean's 11. this is an organization that has specific skills when brought together so they will have their person that is looking for access in the systems. they will have the people that are controlling the bulletproof

hosting system. they will have people been working on extracting information from the network. they will have wholesalers and vendors of that data, then ultimately there will be end users that take the data, use it on a street level through their -- counterfeit credit cards and going into regional stores, buying goods and sensing that. and then there's a money laundering system as well in this. i think it's also important to understand that we're not talking about currencies here. we are talking of virtual currencies in which a lot of this money is moot. in the criminal underground they are moving their money back and forth through virtual currency which is hard for u.s. law enforcement and for others in the government to be able to trace and track those finances. >> i agree with that description. i think the additional element i would add is that oftentimes after there's this kind of harvestinharvestin g of personal information through the use of malware come often through

botnets, the stolen information is then sold in carding sites around the world to other criminals who may use it for their own financial profit, sometimes for other purposes. and so that is also another chain in the threats that we are seeing. >> it sounds like there's real justification for putting the rico peace in senator leahy's, chairman leahy spill -- bill, that this is coordinated organized crime. right now the information postcards in the united states is a static. it stays the same until the card is canceled. what does that mean for criminals wanting to make counterfeit cards? >> make it easier than? >> the question is, is it static

data that's coming across? right. you have to understand that the data is roughly 30 year old technology. so i would agree with the fact that a three year old technology is perhaps a little bit more easy for them to utilize and put onto readily available magnetic cards or magnetic stripe cards that are available in industry today. >> we've been talking today about going to the mv technology and going to the dmv with a p.i.n. would all agree here that go the extra me hopeful? >> we believe anything that would assist in security of our nation's payment systems would be a benefit to the industry, of course. >> okay, thank you. chairwoman ramirez, when a company is really poor, digital security practices, the ftc can initiate an enforcement action

that the company, against the country for committee what's called an unfair trade practice. the commission has used this authority admirably in the past. at the same time there's no comprehensive federal law that sets up a data security standard for companies that store data, the data of tens of thousands of customers. d. think that the commissions existing authority in this space precludes the need for a federal data security and data breach law? >> no, i don't. we have used our authority under section five of the ftc act barring deceptive or unfair actual practices, and we think we use of that authority effectively. but i think what could be more effective in this area if the were a federal security law that the ftc could enforce. and in particular, we think there are three areas where we could use additional authority.

we would like to see legislation that would give the ftc civil penalty authority. we think this would enable us to declare -- deter more effectively. we also believe that we need jurisdiction over a nonprofit. we have found that a number of breaches occur at nonprofits, and currently we lacked authority over nonprofits so that's a gap that we would like to see filled. and in addition, in order to implement the data security law effectively, we believe that it would be appropriate to give the ftc apa rulemaking authority to enable us to deal with the evolving risks and harms that one sees in this area. >> thank you. this is why it's so important that we get to the data privacy legislation. i look forward to doing there. i would ask of one, and i would like to see the senator blumenthal has arrived, is back.

this is a little unrelated, but it's something i've been interested in. ms. raman, in your written testimony you said that the department could use better tools to go after the operators cell phone, spy software. this software is a huge problem. every year tens of thousands of women are stalked through the use of what are called stalking apps. these are apps specifically designed to facilitate stalking. and abuser will install one of these apps on a victim's phone and be able to track her whereabouts at all times. we have received testimony on my subcommittee on this time and again. these apps can be found within

minutes through web search. one is called flexaspy. it gives you total control of your partner's phone without them knowing it. see exactly where they are or were at any given date and time. live now and start spying on a cell phone in minutes. another is called spyera. the target user is never interrupted from what they're doing and won't notice a thing. you will not only know what is being said and done, you will know also know exactly when and where. i have a privacy bill specifically aimed at shutting these apps down. as i want to work with you to give us, give you all the tools that we need to do that. can you and i worked together on this? >> absolutely. we appreciate any support that you can give us in this area. it's an incredibly frightening

capability. we are focused on the criminal threat, open of the tools that we think could be helpful in our fight against this kind of software is civil authority to forfeit proceeds of the crime. and we'll be happy to speak further with you and your staff about these particulars. >> thank you. senator blumenthal. >> thank you, senator franken. thank you all for your great work in this area, and thank you, chairman ramirez, for your focus and your interest in additional authority, which i agree is important. i think the ftc has broad authority now to impose some rules and take some enforcement action when there has been a failure to impose sufficiently stringent safeguards to protect consumer information, but certainly clarifying that authority and expanding it in the ways you have suggested makes a lot of sense.

in fact, i had just introduced a bill that would provide for rulemaking authority, but also stiff penalties, and possibly even more stringent penalties if the congress would go along with them. because i think that the potential damage to consumers is so horrific from identity theft and associated wrongs that emanate from these hacking and abusive activities. it also provides for mandatory notification, a clearinghouse and, in my view very important, a private right of action, as well as jurisdiction for attorney generals who would enforce these rules. what you think about a private right of action and the authority of attorneys general to impose israel's? >> the commission has not taken a position on the issue of private right of action, as regards can current state

enforcement, we believe that that is absolutely critical. states have done very important work in this arena, and we think it's vital for them to continue to be involved. >> what's been the reaction of nonprofits? have they been ahead of the for-profit sector, or behind a? behind? >> well, i think we see problems amongst all companies, but including nonprofits, and that's an area where we currently lack of jurisdiction and we think it's a gap that needs to be rectified so that we do have jurisdiction. but as i mentioned earlier, the data that we have available today, and i specifically referenced the verizon data breach investigation report, that is issued annually, they continued to indicate that companies need to do a lot more in this area, that very fundamental mistakes are being made when it comes to data security. so that signals to me that action, further action needs to be taken. and, of course, this is a very

complex problem, multifaceted problem that requires a multifaceted solution. >> am i right in thinking that the united states is behind a lot of the rest of the world in its data security safeguards? we heard testimony earlier about the lack of use of chip and p.i.n. methodologies, which is now prevalent in europe, and maybe the lack of use of it here is a reason not only for the neiman marcus and target breaches, but also for the fact that almost half the world's credit card fraud occurs here, but only a quarter of credit card use. so this seems a disparity that indicates we are behind the rest of the world. >> let me say that while at the ftc we don't prescribe or recommend particular technologies, it is a concern to me that our payment card systems

really do need improvement. so in my view more work can be done in the area. is absolutely critical from my perspective that payment card systems be secure and protected, consumer information, and never think it's important that all of the players in the ecosystem, retailers, banks, payment card networks all work together to find solutions. >> any of the other witnesses have perspectives on these questions? >> yes, sir. i have a perspective in the fact that you can come up with a device that will secure credit card data, but it doesn't alleviate the fact that we're talking about it still criminals that are doing it. these criminals are motivated by money. they are financially motivated. they are going to use whatever they have at their disposal to still go after the pot of gold which is held in the payment card systems piece. so it doesn't take away the criminal element but it does

add, potentially could add a layer of security. site just wanted to make the point that again, when we are talking of the criminal element, its law enforcement and the work that's being done between the department of justice and law enforcement that's going at it the criminals to try to take them and put them behind bars, taking the virtual world and making it reality with handcuffs, if you will. >> i agree that that's -- securing data is on this incredibly important for all american and tumors. from a law enforcement point of view, anything that strengthens our ability to secure that data is a good thing. frankly, it makes us less necessary if there are fewer breaches and if there are fewer attempts to try to get some of this data. but that has nothing -- mr. noonan is actually right. malware adapts every day. botnets adaptivity. criminals are early adopters with almost every kind of technology. our challenge is to stay ahead

of them. >> there is an arms race. there always has been, not only in this area but in so many others. having done a bit of law enforcement work myself, both federal and state, i'm well aware that there will never be a foolproof safeguard or the impenetrable lock on the door, but if you leave the door completely unlocked, it's almost an invitation to a bad guy. and i don't want to say we left the door unlocked in the retail industry, but certainly the locks are a lot less sophisticated than the technology available would provide. and you may not have been here earlier, but i think that the industry, or maybe i should say industries, have some real

soul-searching to do about whether they've been sufficiently protective of consumer information. because as we know, you can apprehend, investigate, prosecute criminals, but rarely does that compensate them when they are victims of identity theft. and that's just a start, tragic fact of the matter, that preventing these crimes is often the only way to really protect consumers because you can prosecute them if you can apprehend them and investigate them. we talked about global criminal activity here, but the victims of identity theft are often really marred and scarred for life. you know, i respect your point of view, but i do think that stronger preventive action would

come with rulemaking authority, stiffer penalties on the retailers would provide an incentive to do the right thing, i think are very much needed. thank you all. thank you. >> thank you. thank you all. i think following up on what senator blumenthal just said, today's hearing has made it clear that we are getting with a systemic data security problem in this country, and we received testimony in the first panel that our credit and debit cards just aren't secure enough and we have no federal standard or data security and breach notification. we have to update our car technology and our laws to address these 21st century threats to our data security. when millions of american consumers have their data breached, we really can't afford not to. that's what i have been pressing

credit and debit card companies on their plans to enhance card security for improvements, like smart chip technology and chip and p.i.n. and that's why i'm -- i was proud to join chairman leahy on his data privacy and security act. i think it's just common sense that the consumers should be told when their data has been stolen and we do everything we can to secure it before that happens. i want to thank the witnesses for their testimony today. you have helped us understand not only how these breaches occur, but how we can move forward from this point to better protect consumers and better enforce our laws. the record will be held open until february 11 for questions and any further materials. you are now dismissed, and this hearing is adjourned.

[inaudible conversations] >> hi. how are you? good to talk to the other day spent a look at capitol hill today. both the house and senate are in. the house is in at noon for general speeches. 2:00 for legislative business. this week they'll be working on a bill to change the way that the newly created consumer ahmadinejad protection bureau is funded and run. we could see an increase in the debt ceiling sometime this week. a week from reports said house gop will have a meeting of the debt ceiling today at 5:30 p.m. eastern time. on the other side of the capitol the senate in at 2:00 eastern to

continue work on military pay. they want to repeal cuts in military pensions. we could see a test vote on that at 530. house you can watch live on our companion network c-span and the senate right her here on c-span. the new chair of the federal reserve, janet yellen, will be appearing before several congressional committees testified on monetary policy. we will have her life to her after first hearing of the house financial services committee 10 a.m. eastern on c-span3. and check out our facebook question. should members of congress have term limits? datasets yes, brings -- go back to the realize. stop this is where people become millionaires. from a mark -- >> share your thoughts at

facebook.com/cspan. >> i think it's all an evolutionary process. you grow into this role, and my sense is that you never get comfortable if you are always pushing for change in growth, not just in use of it in the issues you care about. you are never done, so there's no point in time where you feel like, there, i am now here and i can do this the same way all the time. it's always changing. >> first lady michelle obama tonight at nine eastern, live on c-span and c-span3, also on c-span radio and c-span.org. >> i have often said that when i am traveling on amtrak that i run, not walk. but what does come i know will provide for consumers and it already has on some airlines is

more opportunity for data rich engagement. it will open up the market for more competitors as to provide options. so we'll be hopefully over the long term, when you look at the international ecosystem when it comes to this, i have been told by those in the business that 90% of engagement is data only. so a very small part of the conversation, and what is also great about this is up to the carriage, up to the airlines but it's that type of conversation. >> fcc commissioner mignon clyburn tonight on "the communicators" at eight eastern on c-span2. >> next we'll take a look at the house foreign affairs committee that held a hearing looking at the rising threat of al qaeda in iraq. in baghdad last week. at least 30 people were killed and more than 100 injured in suicide bombings. the u.n. says 2013 was the deadliest year in iraq last

month, 618 civilians and 115 members of the country's security forces were killed. the house hearing ran two hours. >> this hearing will come to order. this morning, we consider al qaeda's resurgence in iraq, an unfortunate reality is that al qaeda in iraq, now known as the islamic state of iraq and the lot, or isis, as you see in the papers, -- levant. is growing steadily in size, in power and influence and its militant ranks have blossomed. last summer i'm isis trade out attacks on two different prisons in iraq and in those attacks

read hundreds of experienced al qaeda fighters and leaders. the group is now able to carry out approximately 40 mass casualty attacks every month. multiple car bombings struck the capitol this morning. the nearly 9000 deaths in iraq last year made it the bloodiest since u.s. forces reporte deporn 2011. the civil war in neighboring syria only further strengthens this group. militants are able to flow freely between iraq and syria, providing isis an advantage as it works to advance its regional vision of a radical islamist state. their gains had been dramatic. last month these fighters took advantage of a security vacuum, in anbar province, entering the cities of falluja and ramadi, in columns of trucks mounted with

heavy machine guns and raising the black flag over government buildings. of course, anbar province is where u.s. marines fought so hard to push out al qaeda. in recognizing those and other great sacrifices, i should note that this committee benefits from the firsthand experiences of mr. kissinger, mr. cotton, mr. perry, mr. dislodges, mr. collins, and mr. barton, all of whom served with distinction in iraq. this thread is evolving. earlier this week al qaeda's central leadership declared that those operating in western iraq and syria were no longer an affiliated group. we will see how this power struggle develops. but isis independence is a reflection of its unprecedented resources, including weapons, personnel and cash, and its

resulting operational threat. this is a threat to iraq but also to us. ices has reportedly been actively recruiting individuals capable of traveling to the u.s. to carry out attacks here. while al qaeda in iraq has been powered by prison breaks and by the syrian civil war, it has also been fueled by the alienation of much of the sunni population from the she has dominated government in baghdad -- she is dominated government. al qaeda has become very skilled at exploiting this sectarian rifts. and maliki's power grab has given them much ammunition. this is a point that ranking member eliot engel and myself raised and underscored with president maliki when he visited washington last fall. this committee will play a

central role as the united states moves to send military equipment to help the iraqis fight these terrorists. appropriate intelligence can be shared as well. but iraqis should no that there in relations with iran and the slow pace of political reconciliation with minority groups ways serious -- raises his congressional concerns. as head of state, while he may not be up to it, maliki must take steps to lead iraq to a post-sectarian era. the iraqi government is far from perfect, and only the iraqis control their future. but if we don't want to see on iraq with large swaths of territory under militant control, and we should not, they we must be willing to lend an appropriate hand. and i will now turn to the ranking member, mr. ingle, for

any opening comments. >> thank you very much, mr. chairman. thank you for holding this important hearing on al qaeda's resurgence in iraq. the threat this poses to u.s. security interests, i appreciate the close collaboration that we have working on this and so many of the issues on this committee. last month al qaeda extremes occupied the city of falluja, parts of ramadi, in anbar province. to be sure this had serious applications for iraq security, but it also has a deeper symbolic meaning for americans. as all of us know, u.s. marines fought to bloody battles to secure falluja during iraq war. i want to acknowledge our brave men and women in uniform who lost their lives as well as their families to continue to grieve their losses every day. it breaks my heart when i see what's happening in iraq today. iraq continues to be ravaged by sectarian violence.

the situation is getting worse. last year more than 8500 iraqis were killed in bombings, shootings and other violent acts. the most since 2008. i should note on monday of this week senior leadership of al qaeda excommunicated of his own affiliate, islamic state of iraq in syria, isis. as result of that groups tactics in syria. fofor the purpose of this hearig isis remains a threat, stability and falluja, other areas of anbar province and the whole of iraq. some may argue that the lack of an enduring u.s. troop presence in iraq has contributed to the resurgence of violence, especially sunni terrorism related to al qaeda. let's be honest, the dire security situation in anbar province is much more about iraqi politics than it is about the united states. in any case, the direct use of u.s. military force in iraq is virtually unthinkable at this point. ..

>> to defeat al-qaeda, the iraqi government must take a page out of our playbook from the iraq war and enlist moderate sunni tribes in the fight. i understand that vice president biden recently discussed this issue with prime minister maliki, encouraging him to incorporate tribal militia's fighting iais into iraqi security forces and to compensate those can killed and injured in battle.

i am hopeful that maliki can begin to bridge the widening sectarian gulf in iraq. the deterioration of iraq's control over anbar is also linked to larger regional dynamics. we saw how al-qaeda in iraq expanded its franchise into syria, and we now see violence from that brutal war spilling back into iraq. this has strengthened isis and served as a recruitment vehicle for thousands of foreign fighters of the slow bleed in syria has been a clear hindrance to progress in iraq. iran's nefarious influence in the region also contributed to instability. it is well known that some senior iraqi officials have a very cozy relationship with iran, and iraq has not done theory enough to prevent iranian overflights that deliver weapons to hezbollah and the assad regime in syria. in order to stabilize iraq, the iraqi government will need to be a more responsible actor in the

region. chairman royce and i made that, emphasized that point when we met with mr. maliki several months ago. the discussion today is important to understand how we can encourage a political solution in iraq that will give sunnis a meaningful stake in the future of their country. this is the only viable way to build a safer future for iraq while helping to curb iranian influence and, hopefully, reducing the violence in syria. i'd like to thank deputy assistant secretary brett mcgurk, one of the foremost experts on iraq, for being here today to address these issues with us. mr. mcgurk, i look forward to your testimony and our discussion. i yield back, mr. chairman. >> thank you, mr. engel. we'll hear for a minute from ileana ros-lehtinen, chair of the middle east subcommittee, followed by mr. ted deutch who is the ranking member of that subcommittee. >> thank you very much, mr. chairman. and in addition to the biggest issue which is that we don't have al-qaeda on the run, there are two issues which i

continue to be very concerned about. first is the safety of the residents of camp liberty. they still have very little protection. when last you testified, mr. mcgurk, 192 , t-walls were up. then the big progress is 43 are now up in addition. this is out of 17,500 t-walls. t-walls save lives, put them up. number two, the iraqi-jewish archives, ted deutch and i and many other members are very concerned, don't want them to be shipped back. the iraqi government incorrectly states that these papers are theirs. that is not true, and we hope that you continue to work on that. and the bigger issue that brings us together is that, obviously, since the departure of our troops, al-qaeda's reemergence has caused iraq to be, to take a very worrisome turn for the worse. we've sacrificed so much blood and treasure there to watch it descend into a full sectarian

violence and al-qaeda safe haven, so we've got to -- safe haven, we've got to rebuild our influence there. thank you, mr. chairman, for calling this hearing. >> thank you, ms. ross ros-leht. we'll go to mr. deutch of florida. >> thank you, mr. chairman, and ranking member engel, for holding this extremely timely hearing. 'em boldened by the syrian conflict, al-qaeda affiliated, the number of al-qaeda affiliated in iraq has now reached levels not seep since 2006. -- seen since 2006. the islamic state of iraq in syria is now the primary perpetrator of the worst violence. as my colleagues have noted, al-qaeda has disavowed the state of syria for its use of tactics deemed to be too violent. al-qaeda, one of the world's worst and most brutal terrorist groups, has disowned this group for being too extreme. i fear we have turned the page from simply labeling this spillover from the syrian conflict to a full-scale

resurgence of terror in iraq. various accounts count the number of those killed in january as close to a thousand. rockets were indiscriminately fired. the secretary, the security risks are too great to ignore, and i hope today you'll be able to shed light on what level of assistance we're providing the iraqis and our comprehensive strategy to prevent the growth of this security threat, and i look forward to that testimony, and i yield back, mr. chairman. >> thank you, mr. deutch. now, lastly, we'll go to judge ted poe of texas, chairman of the terrorism subcommittee, followed by brad sherman for a minute of california who's the ranking member of that subcommittee. >> al-qaeda in iraq is back, certainly not on its last legs. the united states has paid a high price to help liberate iraq from the menace of al-qaeda. it is frustrating that al-qaeda is gaining that ground

back in iraq. al-qaeda's resurgence is directly related to prime minister maliki's mishandling of his government, incompetence and corruption seem to be the norm. he centralized power, alienated the sunnis and brought back shia hit squads. he has allowed iranian-supported operate i haves to kill -- operatives to kill dissidents on seven occasions without consequences. the last time you were here, mr. mcgurk, you testified before my subcommittee and ileana ros-lehtinen's subcommittee. i predicted that there would be another attack. seven days after you testified in december, camp liberty was attacked again. all this chaos has created an environment ripe for al-qaeda. al-qaeda's reestablishing a safe haven to plan and launch attacks outside the region. that is totally unacceptable trend. the question is, what is the united states going to do? and i yield back the remainder

of my time. thank you. >> thank you. mr. sherman. >> in the 1940s we occupied countries no, no one doubted our right to occupy. we took our time, we created new governments, and those governments created new societies. at various other times, we've invaded countries, achieved a limited military objective or as much of it as could be achieved at reasonable cost, and we left. the fist exampleover that -- first example of that was thomas jefferson's military intervention in libya. in iraq and afghanistan, we established a bad example. the world and even some in the united states doubted our right to occupy, so we hastily installed karzai in afghanistan, and in iraq we installed a structure which has now been presided over by mr. maliki. it is not surprising that afghanistan and iraq continue to be problems since we have, we hastily handed over governance to those who were ill prepared. iraq is not the most important

arab state strategically, it does not become more important in the future because we made a mistake in the past that cost us dearly in blood and treasure. we should not pound that mistake -- compound that mistake. on the other hand, iraq is important in part because of its proximity to iran which i believe is one of the greatest threats to our national security. finally, i agree with several of the prior speakers that we need to, with regard to camp liberty and the t-walls, and i yield back. >> thank you, mr. sherman. this morning we're pleased to be joined by deputy assistant secretary for iraq and rapp, mr. brett -- and rapp, mr. brett mcgurk. prior to this current assignment, he served as senior adviser to ambassadors ryan crocker, chris hill and james jeffrey in baghdad. he also served as a lead negotiator and coordinator during bilateral talks with the

iraqi government back in 2008. without objection, by the way, your full prepared statement will be made part of the record, and the members here will have five days to submit any statements or questions or any other extraneous material for the record. and, mr. mcgurk, if you would, please, summarize your remarks, and then we'll go to questions. >> thank you. good morning, chairman royce, ranking member engel and members of this committee. thank you for inviting me to discuss the situation in iraq with a focus on al-qaeda's primary offshoot in iraq, the islamic state of iraq and levant or isil. i will discuss the current situation in rah dad my -- ramadi and fallujah. isil is well known to us. its former incarnation, aqi, was a focus of u.s. and iraqi security efforts over many years beginning with the rise of its first leader more than a decade

ago. its current leader is a designated global terrorist under u.s. law and we believe is currently based in syria. his mission is clearly stated in his own statements, to carve out a zone of governing territory from baghdad through syria to lebanon. the syria conflict over the past two years provide a platform for isil to gain resources, recruits and safe havens. while the reice number of -- precise number of fighters is unknown, james clapper last week testified there are likely 26,000 extremist fighters in syria including 7,000 foreign fighters. many of these fighters are affiliated with isil. isil in its earlier incarnation inflicted mass casualty attacks in iraq. over the years 2011 and 2012. it was not until early last year that we began to see a significant increase in its attacks, most notably suicide and vehicle bombs. suicide attacks, we assess, are nearly all attributable to isil, and nearly all suicide bombers are foreign fighters who enter iraq through syria.

to give one notable statistic, in november 2012 iraq saw three suicide attacks throughout the country. in november 2013, it saw 50. isil is now striking in iraq along three main lines of corporations. first, it is attacking shia civilian areas in an effort to rekindle a civil war. these are the vast majority of attacks. second, it is attacking sunni areas to eliminate rivals and govern territory. in one 30-day period, for example, isil suicide bombers attacked three small towns in anbar province. third, isil is now attacking the kurds in northern iraq in disputed boundary areas to incite ethnic tension and unrest. isil likely stage and plan these attacks in iraq. the iraq can keys began to spot these camps late last summer but were unable to attack them effectively due to hack of necessary ct equipment which is needed to deny terrorists safe haven. today, thanks to close cooperation from this committee

and the congress, we've begun to address this problem as i'll discuss in more detail. by the end of last year, signature isil attacks, vehicle and suicide bombs matched levels not seen since the summer of 2007. overall, violence remains far lower mainly because militias haven't responded to them. also over the course of 2013 political instability and continuous unrest in sunni areas enabled but did not cause isil's rise. there was a protest movement that began after a number of body forwards to the former minister of finance were detained by iraqi security forces. these protests placed a number of legitimate demands such as ending the process of debaathification and insuring criminal due process. we supported these legitimate demands, and we worked with all parties to shape a package of legislation to address them which is now pending in the iraqi parliament. ongoing violence, however, has made it difficult for shia and

kurdish blocs to support this package of legislation absent concessions for their own constituencies. over the course of the spring and into the summer, the protest movement became more militant with al-qaeda flags spotted in protest squares. this accelerated a vicious cycle. isil exploited unaddressed grievances and increasing violence but long overdue reforms further out of reach. this brings us to where we are today and how we intend to help the iraqis fight back. on january 1, 2014, a convoy of a hundred trucks with anti-aircraft guns flying the black flag of al-qaeda entered the cities of fallujah and ramadi. they deployed to key objectives, destroyed most police stations and secured vital crossways. the police in both cities nearly disintegrated. the the domination of these central cities was a culmination of isil's 2013 strategy. in fallujah, days after seizing central areas, isil declared the city part of an islamic

caliphate. this message, however, is not popular in anbar province. in ramadi in the hours after isil arrived in force, tribal leaders asked for funds and arms to retake their streets. the government responded with money, weapons and assurances that tribal fighters would enjoy full benefits of any soldier in the iraqi army. i have been to iraq twice since the new year in meetings with prime minister maliki and other iraqi leaders. i've pressed upon them the urgent necessary the city of mobilizing the pop haitian against isil. i have also discussed the situation directly with tribal and local leaders in anbar province. these coordinated efforts have begun to produce results. fighting continues in ramadi's outskirts, but local leaders report that the central city is increasingly secure with tribal fighters working in coordination with local leaders. the iraqi army has helped where necessary to secure populated areas. the situation of fallujah is more serious. with hardened isil fighters and

former insurgents in control of the streets. one week ago they captured a group of iraqi scoldiers -- soldiers and then executed them. further complicating the situation, we assess that some tribes in and around fallujah are supporting isil while others are fighting and many others remain on the fence. the hardened fighters inside the city are seeking to draw the army into a direct confrontation. thus far, the army has not taken the bait, focusing its earths on the outskirts and keeping tribal fighters in the lead. but make no mistake, the goth of iraq working in full coordination with local leaders and the local population has a responsibility to secure fallujah. under the plan that is now being developed as explained to us by local and national leaders late last week, tribal fighters will lead this effort with the army in support when needed. the united states is prepared to offer advice, make recommendations and share lessons learned based on our deep experience in these areas. general austin had a series of candid conversations with iraqi

officials and commanders about the importance of patience and planning. isil is also planning to consolidate control of fallujah and move 30 miles east to baghdad. in a rare audio statement on january 21st, isil's leader directed his fighters, quote: to be on front lines against shia and march towards baghdad. were there any doubt of potential risks for the united states, he added what he said was a direct message to the americans. quote: soon we'll be in direct confrontation, so watch for us, for we are with you watching, end quote. we take such threats seriously, and through cooperation with this committee and the congress, we intend to help the iraqis in their efforts to defeat isil over the long term. here's how. first, we are pressing the national leadership from the highest possible levels to develop a holistic security/political/economic strategy to isolate extremists from the population. this means supporting local tribal fighters, incorporating those fighters into the security services and committing to april

elections to be held on time. second, we're supporting the iraqi security forces through accelerated foreign military sales, training and information sharing. the iraqis have now equipped careful of an aircraft, for example, to fire hellfire missiles thereby denying isil safe haven in the western desert. such assistance is offered pursuant to a holistic strategy, and we've made clear to the iraqis that the operation while a necessary condition for defeating isil are not sufficient. third, we are actively encouraging an aggressive economic component to mobilize the -- against the isil. we have allocated over $35 million in anbar province in assistance and payments to fighters. throughout our message to all iraqi leaders is firm: despite your differences across a host of issues, you must find a way to work together when it comes to isil, an organization that threatens all iraqis. this is particularly true for

prime minister maliki who, as the head of state, must take extra measures to reach out to sunni leaders and draw a critical mass of local population into the fight. i want to thank you again for allowing me to address this most important topic. look forward to working closely with you in the months ahead to protect u.s. breasts in iraq and -- interests in iraq and throughout the region, and i look forward to your questions. thank you. >> thank you, mr. mcgurk. the first question i was going to ask you related to something that happened last summer, there were militant camps and training grounds spotted in western iraq. so we could see this brewing. and yesterday we heard the cia director note before congress that there are camps inside of both iraq and syria that are, in his words, used by al-qaeda to develop capabilities that are applicable both in theater as well as beyond. so you noted that the iraqi government could spot these camps but did not have the ability to target effectively,

leaving safe havens just miles from populated areas, in your words. if these al-qaeda camps present a direct threat to to our interests and the iraqis can't deal with it, then why weren't we doing more against these camps? you know, how would this gap that the iraqi capabilities obviously can't meet be closed? how could you effectively move on this? >> thank you, mr. chairman. let me kind of walk through the last four or five months. really late last summer the iraqis spotted some of these camps, and they tried to target them. they flew bell 104 helicopters out, 407 helicopters out there. the helicopters were shot up by pkc machine guns. they tried to send the army out there. the army was ied'd on the roads which were heavily booby trapped. so it was clear despite a strong

iraqi security force capability, they were not able to target camps in these remote areas, and their special forces also could not operate effectively in those areas. and that is when we began to accelerate some of our foreign military assistance programs and also information sharing to get a better intelligence picture. so two notable developments over recent months. first, the iraqis have become very effective with the hellfire missile strikes, and we are helping them in the find, fix and finish mission they're undertaking, and second, we believe as we've had many good discussions with this committee that apache helicopter platforms are critical for denying safe haven in these areas over the long term. i want to thank this committee for helping us with that sale which was recently approved. but this won't be until later this year that the first helicopters get into the country and are operational, but that is a long-term solution to this problem. >> the other question i was going to ask you was in your testimony you called suicide bombers a key data point we track and noted that these

suicide bombers operating in iraq are, in fact, foreign fighters that have come in. where are these foreign fighters coming from? we've seen reports that close to a thousand have come from europe, some from the u.s.. i was going to ask you how do you assess the threat to u.s. personnel, not only that threat to personnel and our interests in the region, but also here in the united states? >> mr. chairman, the foreign fighters in syria are coming from all over the world. this is a problem we faced in the years 2006 to 2008 when foreign fighters were coming into syria and also making their way into iraq through what was then the al-qaeda in iraq network. they're coming mainly from the region. but we do assess from our best intelligence assessments that the suicide bombers are foreign fighters. right now they do not pose a direct threat to us or our personnel, but they pose a

direct threat to the stability of iraq. the suicide bombers -- and, again, about 5-10 a month over 2011-2012, now about 30-40 a month -- it has a pernicious effect on the political discourse in the country. car bombs, the iraqis have been able to protect against car bombs. you don't see mass casualty car bomb attacks like you used to see. there's still a lot of car bomb, but casualties are lower. it's the suicide bombers who are able to get into funerals, mosques, populated areas and cause mass casualties which has just a devastating effect on the country. so it's a very serious, serious problem and a regional problem. >> and the last, the last question i'll ask in my remaining moments, you were just in baghdad meeting with iraqi officials, and you state that you detected for the first time acknowledgment that government of iraq missteps may have made the problem worse. and as i noted in my statement, this is not the feeling that ranking member engel and i

received when we, when we raised this issue. with the president of iraq in our meeting. so that was a few months ago. i am somewhat encouraged by this, but how encouraged should we be? because our concern has long been that this lack of reconciliation is compounding the problem seriously. >> i have found, frankly, mr. chairman, an attitude among iraqis that was similar to tactics that we used in the early part of the war, that the security problem was simply a security problem and not a problem that was fused with politics and economics. and we had a series of conversations over the course of last year as the isil attacks increased in which iraqis saw this mainly as a security problem. all i can say is that i have been there twice this month since the entry of isil into fallujah and ramadi, and i have heard across the board from the prime minister on down that unless you enlist local sunnis

in those areas, you will never defeat and isolate isil. and we have seen that now manifested if a commitment the iraqi cabinet has passed a number of resolutions saying tribal fighters will be given full benefits of the state. and most significantly, prime minister maliki has made a commitment of tribal fighters who oust isil from these areas will be incorporated into the formal security services of the state, the police and the army. that did not happen with the awakening fighters that we worked with in 2006-2008. so that is a very significant commitment. we now need to stay on the iraqis the make sure they follow through. >> thank you. we'll go to mr. engel. >> thank you, mr. chairman. mr. mcgurk, let me ask you about al-qaeda in iraq. it's been reported that al-zawahiri, the head of al-qaeda, has disowned the islamic state of iraq and syria. so if that's true, what does that mean for al-qaeda's presence in iraq?

what are the repercussions for isis operating without the al-qaeda umbrella, and how will this affect the rebel in-fighting in syria now that al-nusra has the blessing of al-qaeda? >> well, both isil and al-nusra both kind of came out of al-qaeda in iraq. isil, basically, is al-qaeda in iraq. its leader was the leader since 2010. nusra was a bit of an offshoot and is focused more on syria. as you said, there's now this message which seems from zawahiri saying isil is now longer affiliated with al-qaeda central. i would defer to my intelligence colleagues on the long-term effects, but what we have found is that isil has such a media presence, such a propaganda presence and is able to self-sustain itself by controlling facilities in eastern syria including oil facilities and also through extortion rackets in cities in western iraq that it'll be able to maintain its cycle of operations.

in terms of those who are recruited and come into isil, it's really their message -- and it goes all the way back to zarqawi ten years ago -- is perniciously sectarian. that shia muslims in particular simply don't have a right to live, and they should be killed. and those who believe that tend to gravitate towards isil. nusra is more of a al-qaeda central-like message, and also including a threat to us. but i think despite this new statement we've seen, i think isil is going to maintain its pace of operations and continue to be a very serious threatment. >> thank you. i'd like to ask you some questions about iraq and iran and the relationship. when i look back at the war in iraq, what really breaks my heart is that we lost so many americans, so much american

blood, and i now it's almost as if we -- and now it's almost as be we didn't do anything. nothing we did was positive, it's all been eroded, and it really just breaks my heart for people who have lost loved ones there. we're the ones responsible, in my opinion, for making iran the hegemonic power in the region, because iran and iraq for years fought wars, checked each other, and once we blew up -- not that saddam hussein was worth anything, but once we blew up the minority sunni regime in iraq, it seems to me it was only obvious that the shias in iraq would gravitate to the shias in iran. and the sad thing is that iran has more influence, in my opinion, in iraq i now than we have. so there are reports, and chairman royce and i raised this with mr. maliki when he was in

washington, that iraq's allowing iran overflights as iran seeks to arm hezbollah. hezbollah, obviously, is now fighting the war in syria on assad's side. it's helping hezbollah expand its presence in syria, defending the assad regime. so can you characterize that relationship that prime minister maliki and other senior iraqi officials have with iran? and how would you describe iraq's commitments to the u.s. on the overflight issue? does maliki understand how this destabilizes the region? >> iraq's relationship with iran is multifaceted. we have found repeatedly over the years that iraq acts primarily in its own interests. we found very few instances in which we've seen iraq acting at the behest of iran in which it did not see it acting in its own interests. you can look at that in terms of iraq's overall oil production,

you can look at it in terms of iraq ratifying the additional protocol, you can look at it in terms of iraq supporting the geneva i communique, a number of steps in which we know the iranians were pressing the iraqis not to do things, and iraqis did them. the issue of overflights is something where they have not done enough. we continue to press this issue. inspections go up, inspections go down. it's very frustrated. it's often difficult to get a precise intelligence picture of specific flights and what's on a flight. we know that material we believe is coming on a civilian aircraft, so we -- it's a problem that we focus on all the time. it's the one area where i can say iraq is simply not doing enough. >> thank you. i just want to make one final comment, and that is it was my opinion when the chairman and i met with mr. maliki that he, he was a good listener, but i didn't think he provided too much in terms of answers to the questions we had, one of which was overflights. i think that he just came to

listen but really didn't come to put his head together with us and help solve the problem. >> i have found, congressman, that since the prime minister's trip, your meeting with him, other meetings he had here on the hill, he spent about two hours with president obama in the oval office. he got a very direct message on a number of issues, and we have seen some fair hi significant changes -- fairly significant changes from that visit. so i want to thank you for the meeting you had with him. i think you made an influence on some of the issues which i know we'll discuss can, camp liberty we've seen some changes, and particularly in the need for a holistic strategy to defeat isil and enlisting the sunnis into the fight at the local level. we have seen some fairly dramatic and significant changes from that visit. ..